1056253 – Update configuration to have the BRMS/BPMS security policy turned off by default

Bug 1056253 - Update configuration to have the BRMS/BPMS security policy turned off by default

Summary: Update configuration to have the BRMS/BPMS security policy turned off by default

Keywords:
Status:	CLOSED EOL
Alias:	None
Product:	JBoss BRMS Platform 6
Classification:	Retired
Component:	Configuration
Sub Component:
Version:	6.0.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	urgent
Target Milestone:	CR2
Target Release:	6.0.0
Assignee:	Ryan Zhang
QA Contact:	Lukáš Petrovický
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1056254
TreeView+	depends on / blocked

Reported:	2014-01-21 19:02 UTC by Rajesh Rajasekaran
Modified:	2020-03-27 18:02 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	1056254 (view as bug list)
Environment:
Last Closed:	2020-03-27 18:02:16 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Description Rajesh Rajasekaran 2014-01-21 19:02:48 UTC

Description of problem:
As a result of enabling the security manager to resolve MVEL evaluation security issues, a substantial performance drop has been identified in FSW/BRMS/BPMS 6 builds. This performance drop is substantial enough that it could undermine the competitiveness of these products.

Hence disable the security manager  by default in standalone.sh, and provide e.g. standalone-secure.sh with it enabled.
This also needs to be done for the domain mode.

Comment 2 Lukáš Petrovický 2014-01-24 15:27:30 UTC

VERIFIED with CR2, policy is disabled by default.

Note You need to log in before you can comment on or make changes to this bug.